In one of the questions on this site, it was suggested the use of Dropbox to save a backup copy of your passport, in case you need to proof who you are if your original document is lost.

I like the idea, but what if someone gets access to your Dropbox folders and is able to acquire the copy of your passport.
The same goes for when you leave a copy of your passport at a hotel receptions desk. Once someone has the info printed on that copy, would that make it easier to steal your identity?

3 Answers
3

Yes - it does increase the risk of identity theft, however for most successful identity thefts, the attacker would need various other bits of information as well.

The best way to think of it is that every piece of information about you an attacker has, the less effort he has to expend to impersonate you.

Once an attacker can impersonate you they could steal your money (this happens a lot with online banking), your house (a handful of cases seen so far), your credit rating, your reputation, and generally cause you major problems.

General recommendation is to not place anything in Dropbox unencrypted, if it is at all sensitive.

A passport copy can often contain sensitive information such as date of birth which can be used to access other sensitive information such as bank accounts. However, most transactions where you need to get in touch with customer care to get access will also require additional details such as secret passphrases, PINs, address information, or account numbers - none of which are available on your passport, hence the passport alone will usually not help anyone steal your identity. Additionally, if trying to steal your identity in person as opposed to online or the phone, they'd need to look similar to you and/or back it up with some form of secondary ID such as a national ID or a driver's license, and obtaining BOTH your passport copy and your secondary ID can be hard for a casual counterfeiter.

Dropbox isn't the only way to store copies of your passport; some people do this by saving a scanned copy in their email account. Whatever way you choose, if you are concerned protecting data then you should look into enabling two-factor authentication on such accounts where in addition to your password you also need to enter a one-time password generated either by an app or sent to you by text message to access the account. Since receiving text messages is free in most countries even when roaming (or is reasonably cheap), this can be a good way of boosting security on your account while travelling.

Needed to say, with Dropbox, i.e. collaborative file-sharing system, having an SMS double-check is a bit of a non-sense :-/ However I agree, Dropbox is not the best place in the world to store sensitive data.
–
yo'Jan 29 '14 at 10:50

There is an app that integrates with Dropbox that encrypts your data, so that you get the convenience of having it everywhere but much more difficult to steal. It's called BoxCryptor, check it out. I have my passport and some insurance stuff on there as a backup.

Except you don't get it everywhere. You need a copy of this software installed to access it, which isn't going to work well when you're being held by immigration due to having lost your passport...
–
DocJan 28 '14 at 22:54

2

Yeah you can have it on your phone, with Dropbox you can set favourites so they're available to view offline on your phone. Worst case, if they ask to see something, you can request some 3G/wifi to download before unlocking the encrypted docs
–
Blackbird57Jan 30 '14 at 16:28